A passionate DevSecOps Engineer dedicated to integrating security-first automation into the continuous delivery lifecycle, operating within Agile/DevOps methodologies.

I possess a strong technical foundation in security tooling, cloud infrastructure, and CI/CD pipeline development, with expertise in designing and implementing secure, resilient, and fully automated deployment systems leveraging GitOps principles to ensure infrastructure immutability and security compliance at scale.

Specialized in shift-left security, implementing comprehensive security scanning (SAST, DAST, SCA, SBOM) across the entire SDLC, from code commit to production runtime monitoring.

• Jaipur Engineering College (JEC)
  • Bachelor of Technology - B.Tech, Computer Science and Engineering

• 🎓 Education: B.Tech in Computer Science and Engineering from Jaipur Engineering College
• 💖 Core Focus: DevSecOps, GitOps, Cloud-Native Security, Supply Chain Security, and Observability
• 👨🏽‍💻 Currently Deepening Knowledge in:
  • Advanced Kubernetes Security (Admission Controllers, RBAC, Network Policies, Pod Security Standards)
  • Azure DevOps & Security Services (Azure Defender, Sentinel, Key Vault)
  • Container Security Hardening (Distroless images, Runtime security with Falco)
  • Software Supply Chain Security (SBOM, SLSA framework, Sigstore/Cosign)
  • Zero Trust Architecture implementation
• 📚 Key Technologies & Methodologies:
  • Agile/Scrum development practices with security integration
  • CI/CD Security Pipelines: GitLab CI, Jenkins, GitHub Actions with comprehensive scanning
  • Infrastructure as Code: Terraform, Ansible, CloudFormation
  • Container Orchestration: Docker, Kubernetes, EKS, AKS, GKE
  • Security Automation: Python, Bash scripting for security workflows
  • Databases: MySQL, PostgreSQL, MongoDB, Redis
  • Observability Stack: Prometheus, Grafana, Jaeger, ELK, OpenTelemetry, AlertManager
• 🔒 Security In Depth:
  • Secret Management: TruffleHog, Gitleaks for credential detection
  • Dependency Scanning: OWASP Dependency-Check, Snyk SCA
  • Container Security: Trivy, Dockle for image hardening
  • Vulnerability Assessment: Nuclei, OpenVAS for infrastructure scanning
  • IaC Security: Checkov, Terrascan, TFSec for Terraform/CloudFormation
  • SAST/DAST: SonarQube, OWASP ZAP
  • K8s Security: Kube-bench, Kube-hunter, Falco runtime protection
• 🤔 Currently Exploring:
  • Advanced vulnerability scanning with fuzzing techniques
  • Building self-healing infrastructure patterns
  • eBPF-based security monitoring with Tetragon
  • Service Mesh security with Istio/Linkerd
  • Policy-as-Code with OPA/Rego
• 🖍 Getting Better At:
  • Python automation for DevSecOps workflows
  • Advanced Bash scripting for CI/CD pipelines
  • Go programming for cloud-native tooling
  • Threat modeling and security architecture design
• 👀 Interests: Cloud & DevSecOps Engineering, Security-as-Code, Platform Engineering, SRE practices

💬 Ask me about:

• Kubernetes & Cloud-Native Security
• GitOps & ArgoCD implementation
• CI/CD pipeline security automation
• Container security hardening (Trivy, Dockle)
• Secret detection & management (TruffleHog, Gitleaks)
• Vulnerability scanning (Nuclei, OWASP Dependency-Check)
• IaC security best practices
• Comprehensive observability stacks
• Supply chain security & SBOM

⚡ "DevOps is not a goal, but a never-ending process of continual improvement" - Jez Humble